考虑网络攻击影响的源网荷储系统风险评估

doi:10.3969/j.issn.2097-0706.2024.05.005

摘要/Abstract

摘要：

随着能源互联网技术的发展，电网调度正向“源网荷储”协同优化运行模式转变，系统利用能源优化配置、多能互补控制、大数据分析等先进技术，实现清洁能源高效利用、系统资源交互共享、电力需求响应等特性，由于物理设备与信息系统的深度耦合，针对其信息系统的网络攻击可能会导致物理故障。为了评估网络攻击对源网荷储系统的影响，从攻击者角度出发分析网络攻击的影响并建立改进的攻击图，采用频繁模式增长（FP-Growth）关联规则分析方法确定攻击路径；根据漏洞评估与贝叶斯定理确定攻击目标被成功攻击的概率，将源网荷储遭受网络攻击产生故障的概率乘以负荷损失量作为风险评估指标。分别对源网荷储系统中配电网断路器与分布式电源遭受网络攻击的场景进行风险定量评估，验证了所提方法的可行性与有效性。

关键词: 能源互联网, 源网荷储系统, 多能互补, 大数据分析, 清洁能源, 网络攻击, 攻击图, 风险评估

Abstract:

With the boost of Energy Internet， power grid dispatching is gradually taking "source-grid-load-storage" integrated optimization strategy. The optimization mode can realize effective use of clean energy，sharing of resources and demand response of an integrated system with optimal allocation of resources，multi-energy complementation，big data analysis and other advanced technologies. However， due to the deep coupling of physical devices and information systems， cyber attacks aiming at information systems might lead to physical faults. To evaluate the effect of cyber attacks on a source-grid-load-storage integrated system， the effect of cyber attacks is analyzed from the perspective of attackers. Then， the improved attack graph is built， and attack routes are determined by Frequent Pattern Growth（FP-Growth）association rule mining. Then， the probability of being aimed and attacked is obtained by vulnerability assessment and Bayesian theorem. The risk assessment index is the product of the probability of cyber attack on the source-grid-load-storage integrated system and the load loss. The risks of distribution network circuit breakers and distributed sources subjected to cyber attacks are quantitively assessed， and the effectiveness of the proposed method is verified.

Key words: Energy Internet, source-grid-load-storage system, multi-energy complementation, big data analysis, clean energy, cyber attack, attack graph, risk assessment

中图分类号:

TK018：TM769

俞胜, 周霞, 沈希澄, 戴剑丰, 刘增稷. 考虑网络攻击影响的源网荷储系统风险评估[J]. 综合智慧能源, 2024, 46(5): 41-49.

YU Sheng, ZHOU Xia, SHEN Xicheng, DAI Jianfeng, LIU Zengji. Risk analysis on the source-grid-load-storage system affected by cyber attacks[J]. Integrated Intelligent Energy, 2024, 46(5): 41-49.

图/表 13

图1

图2

图3

表1

图4

图5

图6

图7

图8

表2

图9

表3

图10

参考文献 23

[1]	刘东, 盛万兴, 王云, 等. 电网信息物理系统的关键技术及其进展[J]. 中国电机工程学报, 2015, 35(14):3522-3531.
	LIU Dong, SHENG Wanxing, WANG Yun, et al. Key technologies and trends of cyber physical system for power grid[J]. Proceedings of the CSEE, 2015, 35(14):3522-3531.
[2]	郭庆来, 辛蜀骏, 孙宏斌, 等. 电力系统信息物理融合建模与综合安全评估:驱动力与研究构想[J]. 中国电机工程学报, 2016, 36(6):1481-1489.
	GUO Qinglai, XIN Shujun, SUN Hongbin, et al. Power system cyber-physical modelling and security assessment: Motivation and ideas[J]. Proceedings of the CSEE, 2016, 36(6):1481-1489.
[3]	XIN S J, GUO Q L, SUN H B, et al. Cyber-physical modeling and cyber-contingency assessment of hierarchical control systems[J]. IEEE Transactions on Smart Grid, 2015, 6(5):2375-2385.
[4]	刘林, 祁兵, 李彬, 等. 面向电力物联网新业务的电力通信网需求及发展趋势[J]. 电网技术, 2020, 44(8):3114-3130.
	LIU Lin, QI Bing, LI Bin, et al. Requirements and developing trends of electric power communication network for new services in electric internet of things[J]. Power System Technology, 2020, 44(8):3114-3130.
[5]	胡怡霜, 丁一, 朱忆宁, 等. 基于状态依存矩阵的电力信息物理系统风险传播分析[J]. 电力系统自动化, 2021, 45(15):1-10.
	HU Yishuang, DING Yi, ZHU Yining, et al. Risk propagation analysis of cyber-physical power system based on state dependence matrix[J]. Automation of Electric Power Systems, 2021, 45(15):1-10.
[6]	汤奕, 王琦, 倪明, 等. 电力信息物理融合系统中的网络攻击分析[J]. 电力系统自动化, 2016, 40(6):148-151.
	TANG Yi, WANG Qi, NI Ming, et al. Analysis of cyber attacks in cyber physical power system[J]. Automation of Electric Power Systems, 2016, 40(6):148-151.
[7]	李田, 苏盛, 杨洪明, 等. 电力信息物理系统的攻击行为与安全防护[J]. 电力系统自动化, 2017, 41(22):162-167.
	LI Tian, SU Sheng, YANG Hongming, et al. Attacks and cyber security defense in cyber-physical power system[J]. Automation of Electric Power Systems, 2017, 41(22):162-167.
[8]	徐飞阳, 薛安成, 常乃超, 等. 电力系统自动发电控制网络攻击与防御研究现状与展望[J]. 电力系统自动化, 2021, 45(3): 3-14.
	XU Feiyang, XUE Ancheng, CHANG Naichao, et al. Research status and prospect of cyber attack and defense on automatic generation control in power system[J]. Automation of Electric Power Systems 2021, 45(3):3-14.
[9]	KANDASAMY N K. An investigation on feasibility and security for cyberattacks on generator synchronization process[J]. IEEE Transactions on Industrial Informatics, 2020, 9(16):5825-5834.
[10]	王轶楠, 林彦君, 李焕, 等. DoS攻击下电力网络控制系统脆弱性分析及防御[J]. 控制与决策, 2017, 32(3):411-418.
	WANG Yinan, LIN Yanjun, LI Huan, et al. Vulnerability analysis and countermeasures of electrical network control systems under DoS attacks[J]. Control and Decision, 2017, 32(3):411-418.
[11]	王电钢, 黄林, 刘捷, 等. 考虑负荷虚假数据注入攻击的电力信息物理系统防御策略[J]. 电力系统保护与控制, 2019, 47(1):28-34.
	WANG Diangang, HUANG Lin, LIU Jie, et al. Cyber-physical system defense strategy considering loaded false data injection attacks[J]. Power System Protection and Control, 2019, 47(1):28-34.
[12]	DENG R L, XIAO G X, LU R X. Defending against false data injection attacks on power system state estimation[J]. IEEE Transactions on Industrial Informatics, 2017, 13(1):198-207.
[13]	CHAOJUN G, JIRUTITIJAROEN P, MOTANI M. Detecting false data injection attacks in AC state estimation[J]. IEEE Transactions on Smart Grid, 2015, 6(5):2476-2483
[14]	梅生伟, 王莹莹, 陈来军. 从复杂网络视角评述智能电网信息安全研究现状及若干展望[J]. 高电压技术, 2011, 37(3):672-679.
	MEI Shengwei, WANG Yingying, CHE Laijun. Overviews and prospects of the cyber security of smart grid from the view of complex network theory[J]. High Voltage Engineering, 2011, 37(3):672-679.
[15]	薛禹胜, 李满礼, 罗剑波, 等. 基于关联特性矩阵的电网信息物理系统耦合建模方法[J]. 电力系统自动化, 2018, 42(2):11-19.
	XUE Yusheng, LI Manli, LUO Jianbo, et al. Modeling method for coupling relations in cyber physical power systems based on correlation characteristic matrix[J]. Automation of Electric Power Systems, 2018, 42(2):11-19.
[16]	张宇航, 倪明, 孙永辉, 等. 针对网络攻击的配电网信息物理系统风险量化评估[J]. 电力系统自动化, 2019, 43(21):12-22.
	ZHANG Yuhang, NI Ming, SUN Yonghui, et al. Quantitative risk assessment of cyber-physical system for cyber-attacks in distribution network[J]. Automation of Electric Power Systems, 2019, 43(21):12-22.
[17]	XU S, XIA Y X, SHEN H L. Analysis of malware-induced cyber attacks in cyber-physical power systems[J]. IEEE Transactions on Circuits and Systems: Express Briefs, 2020, 67(12):3482-3486.
[18]	王宇飞, 高昆仑, 赵婷, 等. 基于改进攻击图的电力信息物理系统跨空间连锁故障危害评估[J]. 中国电机工程学报, 2016, 36(6):1490-1499.
	WANG Yufei, GAO Kunlun, ZHAO Ting, et al. Assessing the harmfulness of cascading failures across space in electric cyber-physical system based on improved attack graph[J]. Proceedings of the CSEE, 2016, 36(6):1490-1499.
[19]	许训炜, 沈希澄, 周霞, 等. 基于数据驱动的源网荷储协同控制系统网络攻击关联性分析[J]. 浙江电力, 2023, 42(2):76-82.
	XU xunwei, SHEN Xicheng, ZHOU Xia, et al. Research on network attack correlation analysis for generation-network-load-storage control system based on data-driven algorithm[J]. Zhejiang Electric Power, 2023, 42(2):76-82.
[20]	周霞, 杨洲, 倪明, 等. 考虑信息-物理组合预想故障筛选的配电网CPS安全性评估[J]. 中国电力, 2020, 53(1):40-48.
	ZHOU Xia, YANG Zhou, NI Ming, et al. Security evaluation of distribution network CPS considering cyber-physical combinations for anticipated fault screening[J]. Electric Power, 2020, 53(1):40-48.
[21]	王作广, 魏强, 刘雯雯. 基于攻击树与CVSS的工业控制系统风险量化评估[J]. 计算机应用研究, 2016, 33(12):3785-3790.
	WANG Zuoguang, WEI Qiang, LIU Wenwen. Quantative risk assessment of industrial control systems based on attack-tree and CVSS[J]. Application Research of Computers, 2016, 33(12):3785-3790.
[22]	杨国泰, 王宇飞, 罗剑波, 等. 电力CPS信息网络脆弱性及其评估方法[J]. 中国电力, 2018, 51(1):83-89.
	YANG Guotai, WANG Yufei, LUO Jianbo, et al. Electric CPS information network vulnerability and assessment method[J]. Electric Power, 2018, 51(1):83-89.
[23]	ZHANG Y C, XIANG Y M, WANG L F. Power system reliability assessment incorporating cyber attacks against wind farm energy management systems[J]. IEEE Transactions on Smart Grid, 2017, 8(5):2343-2357.

指标	CVSS指标	等级	取值
可利用性	攻击路径V_A	物理	0.20
		本地	0.55
		邻近网络	0.62
		远程网络	0.85
	攻击复杂度C_A	高	0.44
	攻击复杂度C_A	低	0.77
	权限要求R_P	无要求	0.85
		低权限	范围不变0.62
		低权限	范围可变0.68
		高权限	范围不变0.27
		高权限	范围可变0.50
	用户交互I_U	无交互	0.85
	用户交互I_U	有交互	0.62
影响度	机密性C_o/完整性I_n/可用性A_v	无影响	0
		低影响	0.22
		高影响	0.56

节点	节点名	漏洞号	后果	成功概率
A₁	ONU设备	CVE-2007-5460	路由模式改变	0.396
A₂	无线终端	CVE-2013-4984	权限提升	0.462
I₁/I₂	OLT 设备	CVE-2017-5521	权限提升	0.326
I₃	公网前置机	CVE-2007-4752	权限提升	0.235
I₄	监控子站服务器	CVE-2009-0241	获取执行任意代码权限	0.563
I₅	主站前置机	CVE-2007-4752	权限提升	0.276
G	控制服务器	CVE-2013-4465	获取执行任意代码权限	0.357

节点	节点名	漏洞号	后果	成功概率
A₁	WTCP	CVE-2015-3950	获取访问权限	0.726
A₂	风电场LAN	CVE-2016-6159	获取访问权限	0.248
A₃	远程控制LAN	CVE-2010-2843	获取访问权限	0.336
A₄	控制中心LAN	CVE-2012-5968	获取访问权限	0.268
I₁	WTCP主机	CVE-2016-2287	获取执行任意代码权限	0.465
I₂	通信服务器	CVE-2019-1872	权限提升	0.563
I₃	ICCP服务器	CVE-2006-0059	权限提升	0.276
I₄	WEB服务器	CVE-2017-13995	权限提升	0.357
I₅	应用服务器	CVE-2002-2153	权限提升	0.554
G	SCADA服务器	CVE-2019-1040	执行任意代码	0.467